﻿<?php require_once("includes/session.php"); ?>
<?php confirm_logged_in(); ?>
<?php require_once("includes/connection.php"); ?>
<?php require_once("includes/functions.php"); ?>
<?php access_check(1,$connection); ?>
<?php include("includes/header.php"); ?>

<?php 
	//check if GET set
	if (!isset($_GET['vartid'])) {
		$to = "vartotojai.php";
		redirect_to($to);
		exit;  
		};

	//print_r ($_POST);
	
	$sql = "SELECT * ";
	$sql .= " FROM `action`";
	$action_set = mysql_query($sql, $connection);
	
	if (isset($_POST['submit'])){
		$a=1;
		do {
			if (isset($_POST[$a])){
				
				
				$sql = "UPDATE `permition` SET `allow` = '1' WHERE vartotojasid =";
				$sql .= $_GET['vartid'];
				$sql .= " AND actionid =";
				$sql .= $a;
				mysql_query($sql, $connection);
				$a++;
				
			}else{
				$sql = "UPDATE `permition` SET `allow` = '0' WHERE vartotojasid =";
				$sql .= $_GET['vartid'];
				$sql .= " AND actionid =";
				$sql .= $a;
				mysql_query($sql, $connection);
				$a++;
			};
		}while ($a!=(mysql_num_rows($action_set)+1));
		$message = "Vartotojo teisės išsaugotos<br><a href=\"vartotojai.php\">Gryžti prie vartotojų sąrašo</a>";
	}
?>

<article>
	<h2>Vartotojų teisės</h2>
	<p><?php echo $message;?></p><br>
	
  <form autocomplete="off" action="permitions.php?vartid=<?php echo $_GET['vartid'];?>" method="post" >
	<table border="1">
	<?php 
	
	
	while ($action = mysql_fetch_assoc($action_set)){
		echo "<tr ><td width=\"290px\" >";
		echo $action['desc'];
		echo "</td><td>";
		echo "<input name=";
		echo $action['actionid'];
		echo " type=\"checkbox\" ";
		$sql = "SELECT * ";
		$sql .= " FROM `permition`";
		$sql .= " WHERE `vartotojasid` = ";
		$sql .= $_GET['vartid'];
		$sql .= " AND `actionid` = ";
		$sql .= $action['actionid'];
		$perm_set = mysql_query($sql, $connection);
		if ((mysql_num_rows($perm_set))==0){
			$sql = "INSERT INTO `permition` ( ";
			$sql .= "`vartotojasid` ,`actionid` ,`allow`) VALUES (";
			$sql .= $_GET['vartid'];
			$sql .= ", ";
			$sql .= $action['actionid'];
			$sql .= ", 0)";
			mysql_query($sql, $connection);
		}ELSE{
			$perm = mysql_fetch_assoc($perm_set);
			
			if (($perm['allow'])==1){
				echo "checked";
			};
		};
		echo "	/>";
		echo "</td></tr>";

	};
	?>
</table>
<input name="submit" type="submit" value="Tinkinti"/>

					  </form>
</article>
				
            
<?php require("includes/footer.php"); ?>